data/reports: add vulnerable_at to GO-2021-0064.yaml

Note that adding vulnerable_at to the other affected package causes
an error, so skipping for now.

Aliases: CVE-2020-8565

Updates #64

Change-Id: I4598aec0e2d8e4c9d2ccbb5e2ba1893ac87f149a
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/462616
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Auto-Submit: Tatiana Bradley <tatiana@golang.org>
Run-TryBot: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>

Author: tatianab

data/osv/GO-2021-0064.json

@@ -33,7 +33,12 @@
           {
             "path": "k8s.io/client-go/transport",
             "symbols": [
-              "requestInfo.toCurl"
+              "basicAuthRoundTripper.RoundTrip",
+              "bearerAuthRoundTripper.RoundTrip",
+              "debuggingRoundTripper.RoundTrip",
+              "impersonatingRoundTripper.RoundTrip",
+              "requestInfo.toCurl",
+              "userAgentRoundTripper.RoundTrip"
             ]
           }
         ]

data/reports/GO-2021-0064.yaml

@@ -2,10 +2,17 @@ modules:
   - module: k8s.io/client-go
     versions:
       - fixed: 0.20.0-alpha.2
+    vulnerable_at: 0.20.0-alpha.1
     packages:
       - package: k8s.io/client-go/transport
         symbols:
           - requestInfo.toCurl
+        derived_symbols:
+          - basicAuthRoundTripper.RoundTrip
+          - bearerAuthRoundTripper.RoundTrip
+          - debuggingRoundTripper.RoundTrip
+          - impersonatingRoundTripper.RoundTrip
+          - userAgentRoundTripper.RoundTrip
   - module: k8s.io/kubernetes
     versions:
       - fixed: 1.20.0-alpha.2